Apple fixes zero-day vulnerability exploited in “extremely sophisticated attack” (CVE-2025-43300)

Threat Score:

Feeds2

7 hours ago

Part of cluster #2096

Overview

Apple fixes zero-day vulnerability exploited in “extremely sophisticated attack” (CVE-2025-43300) Apple has fixed yet another vulnerability (CVE-2025-43300) that has apparently been exploited as a zero-day “in an extremely sophisticated attack against specific targeted individuals.” CVE-2025-43300 CVE-2025-43300 is anout-of-bounds writeissue that could be triggered by a vulnerable device processing a malicious image file, leading to exploitable memory corruption. The vulnerability affects theIma...

Continue Reading on Original Site

5 articles

How Warlock Ransomware Targets Vulnerable SharePoint Servers

Dark Reading • 6 hours ago

Researchers highlight how Warlock, a new ransomware heavyweight, uses its sophisticated capabilities to target on-premises SharePoint instances.

Score

Russian State Hackers Exploit 7-Year-Old Cisco Router Vulnerability

Hackread • 6 hours ago

FBI and Cisco warn Russian hackers are exploiting a 7-year-old Cisco Smart Install vulnerability on outdated routers and…

Score

Stop Reacting; Start Anticipating: The Global State of Threat Intelligence

Brighttalk • 12 hours ago

Presented by Jitin Shabadu, Forrester Analyst | Jayce Nichols, Director, Intelligence Solutions, Google Threat Intelligence Group

Score

At least three UK organizations hit by SharePoint zero-day hacking campaign

Therecord • 14 hours ago

At least three British organizations have reported to the country’s data protection regulator that hackers exploited bugs affecting on-premise Microsoft SharePoint servers.

Score

RingReaper Malware Targets Linux Servers, Stealthily Evading EDR Solutions

GB Hackers • 5 hours ago

RingReaper Malware Targets Linux Servers, Stealthily Evading EDR Solutions A new malware campaign dubbed RingReaper has emerged, targeting servers with advanced post-exploitation capabilities that exploit the kernel’s io_uring asynchronous I/O interface to bypass Endpoint Detection and Response (EDR) systems. This sophisticated agent minimizes reliance on traditional system calls like read, write, recv, send, or connect, instead using io_uring primitives such as io_uring_prep_* for stealthy oper

Score

CVES

CVE-2025-43300

ATTACK TYPES

Memory Corruption

Remote Code Execution

VULNERABILITIES

Memory Corruption

Out-of-Bounds Write

Zero-Day

COMPANIES

Apple

PLATFORMS

iOS

macOS

MITRE ATT&CK

T1068

T1071.001

T1102

T1203

T1403

INDUSTRIES

Technology

ARTICLE INFORMATION

Article #12779

Published 7 hours ago

Feeds2

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Save to Folder

Article Intelligence

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Overview

Related Articles

How Warlock Ransomware Targets Vulnerable SharePoint Servers

Russian State Hackers Exploit 7-Year-Old Cisco Router Vulnerability

Stop Reacting; Start Anticipating: The Global State of Threat Intelligence

At least three UK organizations hit by SharePoint zero-day hacking campaign

RingReaper Malware Targets Linux Servers, Stealthily Evading EDR Solutions

Save to Folder

Article Intelligence

We use cookies

Cookie Settings

Essential Cookies

Analytics Cookies

Performance Cookies

Marketing Cookies